Skip to main content
SpringerLink
Log in
Book cover

International Conference on Security, Privacy, and Applied Cryptography Engineering

SPACE 2018: Security, Privacy, and Applied Cryptography Engineering pp 142–156Cite as

Correlation Power Analysis on KASUMI: Attack and Countermeasure

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11348))

Abstract

The KASUMI block cipher imparts confidentiality and integrity to the 3G mobile communication systems. In this paper we present power analysis attack on KASUMI as a two-pronged attack: first the FL function is targeted, and subsequently the recovered output of FL function is used to mount attack on \(7\times 7\) and \(9\times 9\) S-boxes embedded in the FO function of the cipher. Our attack recovers all 128 bits of the secret key of KASUMI. Further, we present a countermeasure for this attack which requires lesser resource footprint as compared to existing countermeasures, rendering such implementations practically feasible for resource-constrained applications, such as IoT and RFID devices.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Akkar, M.-L., Giraud, C.: An implementation of DES and AES, secure against some attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44709-1_26

    Chapter  Google Scholar 

  2. ApS, N.: unabto (2015). https://github.com/nabto/unabto/blob/master/3rdparty/libtomcrypt/src/ciphers/kasumi.c

  3. Biham, E., Dunkelman, O., Keller, N.: A related-key rectangle attack on the full KASUMI. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 443–461. Springer, Heidelberg (2005). https://doi.org/10.1007/11593447_24

    Chapter  Google Scholar 

  4. Blömer, J., Guajardo, J., Krummel, V.: Provably secure masking of AES. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 69–83. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30564-4_5

    Chapter  Google Scholar 

  5. Blunden, M., Escott, A.: Related key attacks on reduced round KASUMI. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 277–285. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45473-X_23

    Chapter  Google Scholar 

  6. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2

    Chapter  Google Scholar 

  7. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_26

    Chapter  Google Scholar 

  8. Chen, Z., Zhou, Y.: Dual-rail random switching logic: a countermeasure to reduce side channel leakage. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 242–254. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_20

    Chapter  Google Scholar 

  9. Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_27

    Chapter  Google Scholar 

  10. Iwata, T., Kohno, T.: New security proofs for the 3GPP confidentiality and integrity algorithms. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 427–445. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-25937-4_27

    Chapter  Google Scholar 

  11. Jia, K., Li, L., Rechberger, C., Chen, J., Wang, X.: Improved cryptanalysis of the block cipher KASUMI. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 222–233. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-35999-6_15

    Chapter  Google Scholar 

  12. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25

    Chapter  Google Scholar 

  13. Kühn, U.: Cryptanalysis of reduced-round MISTY. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 325–339. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_20

    Chapter  Google Scholar 

  14. Masoumi, M., Moghadam, S.S.: A simulation-based correlation power analysis attack to FPGA implementation of KASUMI block cipher. Int. J. Internet Technol. Secur. Trans. 7(2), 175–191 (2017)

    Article  Google Scholar 

  15. Matsui, M., Tokita, T.: MISTY, KASUMI and camellia cipher algorithm development. Mitsibishi Electr. Adv. (Mitsibishi Electr. Corp.) 100, 2–8 (2001)

    Google Scholar 

  16. Nassar, M., Souissi, Y., Guilley, S., Danger, J.L.: RSM: a small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs. In: Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1173–1178. IEEE (2012)

    Google Scholar 

  17. Nguyen, P.H., Robshaw, M.J.B., Wang, H.: On related-key attacks and KASUMI: the case of A5/3. In: Bernstein, D.J., Chatterjee, S. (eds.) INDOCRYPT 2011. LNCS, vol. 7107, pp. 146–159. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25578-6_12

    Chapter  Google Scholar 

  18. Oswald, E., et al.: OpenSCA, an open source toolbox for MATLAB (2008)

    Google Scholar 

  19. Popp, T., Mangard, S.: Masked dual-rail pre-charge logic: DPA-resistance without routing constraints. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 172–186. Springer, Heidelberg (2005). https://doi.org/10.1007/11545262_13

    Chapter  Google Scholar 

  20. Popp, T., Mangard, S., Oswald, E.: Power analysis attacks and countermeasures. IEEE Des. Test Comput. 24(6) (2007)

    Article  Google Scholar 

  21. Rivain, M., Prouff, E.: Provably secure higher-order masking of AES. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 413–427. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15031-9_28

    Chapter  Google Scholar 

  22. Satoh, A., Morioka, S.: Small and high-speed hardware architectures for the 3GPP standard cipher KASUMI. In: Chan, A.H., Gligor, V. (eds.) ISC 2002. LNCS, vol. 2433, pp. 48–62. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45811-5_4

    Chapter  Google Scholar 

  23. Sugio, N., Aono, H., Hongo, S., Kaneko, T.: A study on higher order differential attack of KASUMI. IEICE Trans. Fundam. Electron., Commun. Comput. Sci. 90(1), 14–21 (2007)

    Article  Google Scholar 

  24. Trichina, E., Korkishko, T., Lee, K.H.: Small size, low power, side channel-immune AES coprocessor: design and synthesis results. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2004. LNCS, vol. 3373, pp. 113–127. Springer, Heidelberg (2005). https://doi.org/10.1007/11506447_10

    Chapter  MATH  Google Scholar 

  25. Wang, Z., Dong, X., Jia, K., Zhao, J.: Differential fault attack on KASUMI cipher used in GSM telephony. Math. Prob. Eng. 2014, 1–7 (2014)

    Google Scholar 

  26. Zhou, Y., Feng, D.: Side-channel attacks: ten years after its publication and the impacts on cryptographic module security testing. IACR Cryptology ePrint Archive 2005/388 (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Indian Institute of Technology Patna, Patna, 801106, India

    Devansh Gupta & Somanath Tripathy

  2. Indian Institute of Technology Indore, Indore, India

    Bodhisatwa Mazumdar

Authors
  1. Devansh Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Somanath Tripathy
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bodhisatwa Mazumdar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Devansh Gupta .

Editor information

Editors and Affiliations

  1. School of Computer Science and Engineering, Nanyang Technological University, Singapore, Singapore

    Anupam Chattopadhyay

  2. Indian Institute of Technology Madras, Chennai, India

    Chester Rebeiro

  3. University of Adelaide, Adelaide, Australia

    Yuval Yarom

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Gupta, D., Tripathy, S., Mazumdar, B. (2018). Correlation Power Analysis on KASUMI: Attack and Countermeasure. In: Chattopadhyay, A., Rebeiro, C., Yarom, Y. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2018. Lecture Notes in Computer Science(), vol 11348. Springer, Cham. https://doi.org/10.1007/978-3-030-05072-6_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-05072-6_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-05071-9

  • Online ISBN: 978-3-030-05072-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation